11/19/2084 17:54 561-989-9812 FLEIT KAIN ET AL. PAGE 04/25 



IN THE CLAIMS 

1. (Currently Amended) A method of securely providing content data to a user's system over a
web broadcast infrastructure with a plurality of channels, the method comprising the steps of: 

encrypting content data using a first encrypting key to form encrypted content data, 
wherein the first encrypting key is a symmetric key with a corresponding first decrypting key;

encrypting the first decrypting key, using a second encrypting key of a trusted third party,

broadcasting promotional metadata related to at least part of the encrypted content data on 
a first web broadcast channel for reception by at least one user's system; 

sending at least part of the encrypted content data over a second channel;

transferring the encrypted first decrypting key, which has been encrypted with the second
encrypting key, to the user's system via a computer readable medium;

transferring the encrypted first decrypting key, which has been encrypted with the second 
encrypting key to the trusted third party;

receiving the encrypted first decrypting key, which has been decrypted by the trusted third
party and re-encrypted with a user's system key; and

decrypting, on the user's system in a tamper resistant environment, the encrypted first
decrypting key with a second decrypting key and nxncryplul with Un&lul tliiid party key the
user's system key;

wherein the tamper resistant environment forms reencrypted content data by decrypting the
encrypted content data with the first decrypting key and reencrypting the content data with a
locally generated digital content player encrypting key so to be compatible with a content player
application on the user's system which renders reencrypted content data delivered from one of a
telecommunications infrastructure and a computer readable storage medium.

2. (Original) The method as defined in claim 1, wherein the step of broadcasting the promotional 
metadata includes broadcasting the promotional metadata periodically over a predetermined time 
interval. 

3. (Previously Presented) The method as defined in claim 1, wherein the step of broadcasting the
promotional metadata includes the sub-step of: 

converting at least the promotional metadata into a format readable by a web browser. 

4. (Previously Presented) The method as defined in claim 1, wherein the step of sending at least 
part of the encrypted content data includes broadcasting a schedule of a broadcast time and web 
broadcast channel for at least part of the encrypted content data. 

5. (Previously Presented) The method as defined in claim 1, wherein the step of sending at least 
part of the encrypted content data over a second channel includes broadcasting the encrypted 
content data in a format compatible with DirecPC™. 

6. (Previously Presented) The method as defined in claim 1, wherein the promotional metadata 
contains a schedule of broadcast times for the encrypted content data. 

7. (Currently Amended) A method of securely receiving content data on a user's system from a 
web broadcast infrastructure with a plurality of channels, the method comprising the steps of: 

receiving promotional metadata from a first web broadcast channel, the promotional 
metadata related to encrypted content data; 

assembling at least part of the promotional metadata into a promotional offering for 
review by a user; 

selecting by a user, encrypted content data to be received related to the promotional 
offering metadata; 

retrieving the encrypted content data from a user's system via a second-channel, the 
encrypted content data selected from the promotional metadata, and wherein the encrypted 
content data has been previously encrypted using a first encrypting key, wherein the first 
encrypting key is a symmetric key with a corresponding first decrypting key, wherein the second
channel is selected from the group consisting of a telecommunications network, a broadcast 
transmission, and a computer removable storage medium; 

receiving the first decrypting key via a computer readable medium, the first decrypting
key for decrypting at least some of the encrypted content data received via the second web
broadcast channel, wherein the first decrypting key has been encrypted with a second encrypting
key of a trusted third party;

transferring the encrypted first decrypting key, which has been encrypted with the second 
encrypting key to the trusted third party;

receiving the encrypted first decrypting key, which has been decrypted by the trusted third
party and re-encrypted with a user's system key, and

decrypting, on the user's system in a tamper resistant environment, the encrypted first
decrypting key with a second decrypting key the user's system key;

wherein the tamper resistant environment forms reencrypted content data by decrypting the
encrypted content data with the first decrypting key and reencrypting the content data with a
locally generated digital content player encrypting key so to be compatible with a content player
application on the user's system which renders reencrypted content data delivered from one of a
telecommunications infrastructure and a computer readable storage medium.

8. (Original) The method as defined in claim 7, wherein the step of assembling at least part of the 
promotional data includes assembling at least part of the promotional data into a format readable 
by a web browser and wherein the step of selecting includes selecting with a web browser. 

9. (Previously Presented) The method as defined in claim 7, wherein the step of selecting 
includes selecting promotional material that has been previously received and stored on the 
user's system. 

10. (Previously Presented) The method as defined in claim 9, wherein the step of selecting 
further comprises the sub-steps of: 

determining a schedule for next web broadcast of the encrypted content data selected; 
setting a trigger to trigger the user's system to receive the next web broadcast on the 
second channel. 

11. (Previously Presented) The method as defined in claim 10, wherein the step of retrieving
encrypted content data from a second channel, includes receiving the encrypted content data 
selected from the promotional metadata on a web broadcast channel and a time provided by the 
trigger. 

12. (Previously Presented) The method as defined in claim 7, wherein the step of retrieving 
encrypted content data from a second channel includes receiving data in a format compatible 
with DirecPC™. 

13. (Previously Presented) The method as defined claim 7, wherein the step of receiving data 
from a second channel includes the sub-step of: 

authorizing over a back channel that the user's system is authorized to receive the data 
selected; and wherein the step of receiving the first decrypting key includes receiving the first 
decrypting key only if the user's system is authorized to receive the encrypted content data 
selected. 

14. (Previously Presented) The method as defined claim 7, wherein the step of receiving 
encrypted content data from a second channel further includes the sub-step of: 

notifying the user the next time the user starts the user's system a status if the current data 
selected from the promotional metadata has been received on the user's system. 

15. (Currently Amended) The method as defined in claim 7, wherein the step of receiving the 
first decrypting key encrypted content data, includes receiving the encrypted content data first
decrypting key that has been encrypted with a second encrypting key along with a network
address of the trusted third party.

16. (Original) The method as defined in claim 15, wherein the step of receiving the first 
decrypting key includes receiving the first decrypting key over a broadcast stream. 

17. (Currently Amended) The method defined in claim 15, wherein the second decrypting key is
.ml H H i U J f "™ network address of the trusted third party is an address of a
clearinghouse.

18. (Currently Amended) The method defined in claim 15, wherein the firstseeortd decrypting 
key has a timeout provision for decrypting dat a - dial U«u> been uiuyptcd with the sec o nd 
uuujution key ia suit to the u&u's avblem Horn a il i aiiiigh o use . 

19. (Currently Amended) A system for securely providing content data to a user's system over a 
web broadcast infrastructure with a plurality of channels, the system comprising: 

a content system; 
a first public key; 

a first private key, which corresponds to the first public key, 
a data encrypting key; 

a data decrypting key for decrypting data encrypted using the data encrypting key, 
wherein the first encrypting key is a symmetric key with a corresponding first decrypting key,

first data encryption means for encrypting data to form encrypted content data so as to be 
decryptable only by the data decrypting key; 

second data encryption means, using the first public key, for encrypting the data
decrypting key;

a clearing house; 

a broadcast center, for broadcasting to one or more user's systems on a first web 
broadcast channel, promotional metadata related to data being broadcasted on a second web 
broadcast channel, and sending on the second channel encrypted content data, wherein the second 
channel is selected from the group consisting of a telecommunications network, a broadcast 
transmission, and a computer removable storage medium; 

at least one user system with a first receiver means for receiving the data decrypting key
which has been encrypted;

first transferring means for transferring the data decrypting key which has been encrypted,
to the clearing house, wherein the clearinghouse possesses the first private key,

first decrypting means for decrypting the data decrypting key using the first private key;
a second public key of the user's system;

a second private key, which corresponds to the second public key;

re-encryption means for re-encrypting the data decrypting key using the second public
key,

second transferring means for transferring the re-encrypted data decrypting key to the 
user's system, wherein the user's system possesses the second private key; 

second decrypting means for decrypting the re-encrypted data decrypting key using the
second private key; and

decrypting, on the user's system in a tamper resistant environment, the encrypted data
decrypting key with the first private key,

wherein the tamper resistant environment forms reencrypted content data by decrypting the
encrypted content data with the data decrypting key and reencrypting the content data with a
locally generated digital content player encrypting key so to be compatible with a content player
application on the user's system which renders reencrypted content data delivered from one of a
telecommunications infrastructure and a computer readable storage medium.
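
The key path recited in claim 19 (the data decrypting key wrapped under the clearinghouse's public key, unwrapped there and re-wrapped under the user's public key), shown as an added example that is not part of the filing. RSA-OAEP, the function names and the `authorized` flag (standing in for the authorization of claim 13) are assumptions of this example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Wrap encrypts the symmetric content key under an RSA public key (OAEP).
func Wrap(pub *rsa.PublicKey, key []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
}

// Unwrap recovers the content key; it fails under any other private key.
func Unwrap(priv *rsa.PrivateKey, blob []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, blob, nil)
}

// Rewrap is the clearinghouse step: unwrap with the first private key, then
// wrap under the user's public key. authorized is a hypothetical flag.
func Rewrap(ch *rsa.PrivateKey, user *rsa.PublicKey, blob []byte, authorized bool) ([]byte, error) {
	if !authorized {
		return nil, errors.New("user's system is not authorized")
	}
	key, err := Unwrap(ch, blob)
	if err != nil {
		return nil, err
	}
	return Wrap(user, key)
}

func must[T any](v T, err error) T { // demo helper: panic on error
	if err != nil {
		panic(err)
	}
	return v
}

func newKey() *rsa.PrivateKey { return must(rsa.GenerateKey(rand.Reader, 2048)) }

func main() {
	ch, user := newKey(), newKey() // clearinghouse and user's system key pairs
	key := []byte("constructed-32-byte-content-key!")
	blob := must(Wrap(&ch.PublicKey, key)) // what the provider ships
	_, direct := Unwrap(user, blob)        // the user alone cannot open it
	got := must(Unwrap(user, must(Rewrap(ch, &user.PublicKey, blob, true))))
	fmt.Println(direct != nil, string(got) == string(key))
}
```

The content key never leaves the provider in a form the user's system can open, so every use passes through the clearinghouse, which is where an authorization decision can be enforced.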

20. (Original) The system as defined in claim 19, wherein the promotional metadata contains a 
schedule of broadcast times for the data. 

21. (Currently Amended) A user's system for securely receiving data from a web broadcast
infrastructure with a plurality of channels, comprising: 

a receiver for receiving promotional metadata from a first web broadcast channel, the 
promotional metadata related to data available for reception; 

an interface to an output device for presenting at least part of the promotional metadata
for review by a user;

an interface to an input device for receiving a selection by a user of the data to be 
received related to the promotional metadata; 

a controller for controlling the receiver to receive data from a second web broadcast
channel, the data selected from the promotional metadata, and wherein the data has been 
previously encrypted using a first encrypting key, wherein the first encrypting key is a symmetric 
key with a corresponding first decrypting key, wherein the second channel is selected from the
group consisting of a telecommunications network, a broadcast transmission, and a computer 
removable storage medium; and 

an interface for receiving the first decrypting key via a computer readable medium, the 
first decrypting key for decrypting at least some of the data received via the second web 
broadcast channel, wherein the first decrypting key has been encrypted with a second encrypting
key of a trusted third party;

transferring the encrypted first decrypting key, which has been encrypted with the second
encrypting key to the trusted third party;

receiving the encrypted first decrypting key, which has been decrypted by the trusted third
party and re-encrypted with a user's system key; and

decrypting, on the user's system in a tamper resistant environment, the encrypted first
decrypting key with a second decrypting key the user's system key;

wherein the tamper resistant environment forms reencrypted content data by reencrypting the
content data with a locally generated digital content player encrypting key;

wherein the previously encrypted content data has been decrypted with the first decrypting
key, and the tamper resistant environment storing the reencrypted content data on storage device
coupled to the user's system is compatible with a player application used to render the
reencrypted content data delivered from one of a telecommunications infrastructure and a
computer readable storage medium.

22. (Original) The user's system as defined in claim 21, wherein the output device is a web 
browser and the input device is coupled to the web browser for receiving a selection by a user. 

23. (Original) The user's system as defined in claim 21, wherein the controller further comprises: 

a schedule derived from the promotional metadata wherein the schedule is used to control 
the receiver to receive data from a second web broadcast channel.

24. (Original) The user's system as defined in claim 21, wherein the receiver is adapted to
receive data broadcasted in a format compatible with DirecPC™.

25. (Currently Amended) A computer program product for securely providing content data to a 
user's system over a web broadcast infrastructure with a plurality of channels, the computer 
program product comprising: 

a storage medium readable by a processing circuit and storing instructions for execution by 
the processing circuit for performing a method comprising: 

encrypting content data using a first encrypting key to form encrypted content 
data, wherein the first encrypting key is a symmetric key with a corresponding first 
decrypting key;

encrypting the first decrypting key, using a second encrypting key; 

broadcasting promotional metadata related to at least part of the encrypted content 
data on a first web broadcast channel for reception by at least one user's system; 

sending at least part of the encrypted content data over a second channel; 

transferring the encrypted first decrypting key, which has been encrypted with the 
second encrypting key of a trusted third party, to the user's system via a computer
readable medium; 

transferring the encrypted first decrypting key, which has been encrypted with the
second encrypting key to the trusted third party;

receiving the encrypted first decrypting key, which has been decrypted by the
trusted third party and re-encrypted with a user's system key, and

decrypting, on the user's system in a tamper resistant environment, the encrypted
first decrypting key with a second decrypting key user's system key;

wherein the tamper resistant environment forms reencrypted content data by
decrypting the encrypted content data with the first decrypting key and reencrypting the
content data with a locally generated digital content player encrypting key so to be
compatible with a content player application on the user's system which renders
reencrypted content data delivered from one of a telecommunications infrastructure and a
computer readable storage medium.